[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Unidentified subject!

I gave a presentation a few years ago called "Reasonably secure builds"
taht covers the basics of setting up a Linux box. The slides can be found
at http://www.tux.org/~storm.

As for the iptables piece of it, yes, you should probably upgrade to a 2.4
kernel, 2.4.22 works quite well. I use an iptables script called gShield,
which can be found at http://muse.linuxmafia.org/gshield.html.

On Wed, Oct 15, 2003 at 08:38:28AM -0500, simonw@cornfield.org.uk wrote:
> Subject: Firewall security
> Message-Id: <E1A9lqc-0003I1-00@gaul.cornfield.org.uk>
> From: simonw@cornfield.org.uk
> Date: Wed, 15 Oct 2003 14:37:54 +0100
> Hi
> I have iinsatlled Debian many times in the past, but each time was for a server
> behind a firewall.
> I now have to build a new server that will sit on the web directly, and move an
> existing server onto the web.
> Both servers will run Woody.
> Is there a document, or reference, somewhere that explains how to secure Debian
> servers . These servers will need to provide ssh, http, mail, ftp(?). I was thinking
> along the lines of iptables, but I have never configured this before. Will I have to
> upgrade to teh 2.4 kernel?
> Many thanx
> Simon  
> -- 
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
> Mailscanner thanks transtec Computers for their support.
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Bradley M. Alexander                |
gTLD SysAdmin, Security Engineer    |   storm [at] tux.org
Debian/GNU Linux Developer          |   storm [at] debian.org
Key fingerprints:
DSA 0x54434E65: 37F6 BCA6 621D 920C E02E  E3C8 73B2 C019 5443 4E65
RSA 0xC3BCBA91: 3F 0E 26 C1 90 14 AD 0A  C8 9C F0 93 75 A0 01 34
There is always a way.
The easy way is always mined.
						--Murphy's Laws of Combat

Reply to: